Cheeky Botnet Pusher Markets Wares On Facebook

The Web’s dark markets are not enough for some it appears, as a botnet marketer has started selling services on Facebook.

A Facebook page was discovered pushing a demo of a control panel for a Zeus botnet, which harvests financial data to let criminals access bank accounts.

The demo appears to be fairly basic, but users can contact the seller to get the full package.

Malware marketing

“For the developer it seems to be a hobby/project of sorts (very common to guys that work on malware). But there is a second guy moving this, he runs the FB page itself and seems to be selling stolen financial data derived from Trojan logs,” Limor Kessem, team leader at RSA’s Anti-Fraud Command Centre (AFCC).

“It’s not new in terms of technical make up, but we were surprised to see it out on Facebook alongside posts that show there is real financial fraud going on.”

RSA has confirmed it is working with Facebook on an investigation into the page, which was also offering information on exploits. TechWeek checked, and found the Casper Spy Botnet page seen below:

The page admin is called Alexandra Dmitriev, who claims to be a Russian and an administrator on the Russian Hacker Girl website. It’s unclear whether he/she is a malicious hacker or a risk-taking black hat.

Below is an image of the console website the Facebook page linked to:

RSA believes the Zeus code leak of 2011 led to plenty of innovation by cyber criminals, making for a more diverse market. And some crooks are happy their nation’s laws are so lax they won’t be punished, so they can now market illegal goods in such open forums.

“Those who would take such a chance, in favour of selling their wares to a larger audience, do so because they trust the anti-digital crime laws in their counties are more forgiving or downright absent,” RSA said.

What do you know about Internet security? Find out with our quiz!

Thomas Brewster

Tom Brewster is TechWeek Europe's Security Correspondent. He has also been named BT Information Security Journalist of the Year in 2012 and 2013.

Recent Posts

Craig Wright Sentenced For Contempt Of Court

Suspended prison sentence for Craig Wright for “flagrant breach” of court order, after his false…

3 days ago

El Salvador To Sell Or Discontinue Bitcoin Wallet, After IMF Deal

Cash-strapped south American country agrees to sell or discontinue its national Bitcoin wallet after signing…

3 days ago

UK’s ICO Labels Google ‘Irresponsible’ For Tracking Change

Google's change will allow advertisers to track customers' digital “fingerprints”, but UK data protection watchdog…

3 days ago

EU Publishes iOS Interoperability Plans

European Commission publishes preliminary instructions to Apple on how to open up iOS to rivals,…

4 days ago

Momeni Convicted In Bob Lee Murder

San Francisco jury finds Nima Momeni guilty of second-degree murder of Cash App founder Bob…

4 days ago